SceSblAuthMgr: Difference between revisions
CelesteBlue (talk | contribs) No edit summary |
|||
(80 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
'''S'''ecure '''Bl'''ock Authentication Manager | |||
== Module == | == Module == | ||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
! Version | ! Version !! World !! Privilege | ||
|- | |- | ||
| | | 0.931.010-3.740.011 || Non-secure || Kernel | ||
|} | |} | ||
Line 17: | Line 18: | ||
! Version !! Name !! World !! Visibility !! NID | ! Version !! Name !! World !! Visibility !! NID | ||
|- | |- | ||
| | | 0.931.010-3.740.011 || [[SceSblAuthMgr#SceSblAuthMgrForKernel|SceSblAuthMgrForKernel]] || Non-secure || Kernel || 0x7ABF5135 | ||
|- | |- | ||
| 0.931.010-3.740.011 || [[SceSblAuthMgr#SceSblAuthMgrForDriver|SceSblAuthMgrForDriver]] || Non-secure || Kernel || 0x4EB2B1BB | |||
|} | |} | ||
== SceSblAuthMgrForKernel == | == SceSblAuthMgrForKernel == | ||
These functions are used for [[SceKernelModulemgr#Decrypt_SELF_ELF_Program| | These functions are used for [[SceKernelModulemgr#Decrypt_SELF_ELF_Program|SELF decryption]]. | ||
=== | === sceSblAuthMgrOpenForKernel === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.931.010-3.740.011 || 0xA9CD2A09 | |||
|} | |||
|- | |||
Temp name was sceSblAuthMgrInvokeSMForKernel, sceSblAuthMgrSmStartForKernel. | |||
<source lang="C"> | |||
// If initialization is successful - pHandle will be initialized to 1 | |||
int sceSblAuthMgrOpenForKernel(int *pHandle); | |||
</source> | |||
=== sceSblAuthMgrCloseForKernel === | |||
{| class="wikitable" | |||
! Version !! NID | |||
|- | |- | ||
| 0.931.010-3.740.011 || 0x026ACBAD | |||
|} | |} | ||
Temp name was sceSblAuthMgrStopSMForKernel, sceSblAuthMgrSmStopForKernel. | |||
Issues [[Secure_Modules_Functions#Request_Buffer|kprx_auth_sm command -1]]. | |||
<source lang="C"> | <source lang="C"> | ||
// | // handle - obtained with sceSblAuthMgrOpenForKernel. Handle must equal 1 for successful close. | ||
int | int sceSblAuthMgrCloseForKernel(int handle); | ||
</source> | </source> | ||
=== | === sceSblAuthMgrStartForKernel === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.931.010-0.996.090 || 0xCAA38DF7 | |||
|- | |- | ||
| 3. | | 1.000.071-3.740.011 || not present | ||
|} | |} | ||
Creates SceSblAuthMgrZlibHeap. | |||
<source lang="C"> | <source lang="C">int sceSblAuthMgrStartForKernel(void);</source> | ||
int | |||
</source> | |||
=== | === sceSblAuthMgrStopForKernel === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |||
| 0.931.010-0.996.090 || 0x6C1F5048 | |||
|- | |- | ||
! Version | | 1.000.071-3.740.011 || not present | ||
! NID | |} | ||
Deletes SceSblAuthMgrZlibHeap. | |||
<source lang="C">int sceSblAuthMgrStopForKernel(void);</source> | |||
=== sceSblAuthMgrAuthHeaderForKernel === | |||
{| class="wikitable" | |||
! Version !! NID | |||
|- | |- | ||
| 3. | | 0.931.010-3.740.011 || 0xF3411881 | ||
|} | |} | ||
Issues | Issues [[Secure_Modules_Functions#0x10001_-_sceSblAuthMgrAuthHeader|kprx_auth_sm command 0x10001]] | ||
< | <code>SceSblSmCommContext130</code> type is defined in [[SceSblSsSmComm#Types|SceSblSsSmComm]]. | ||
?Read caller SELF Info using sceKernelGetSelfAuthInfoForKernel? then writes it to context_130->caller_self_auth_info. | |||
Calls smc_137 and smc_134 that interact with Cmep. Cmep sets context_130->called_self_auth_info. | |||
// | <source lang="C"> | ||
int | // handle - obtained with sceSblAuthMgrOpenForKernel | ||
int sceSblAuthMgrAuthHeaderForKernel(int handle, const void *self_header_addr, SceSize SelfHeaderSize, SceSblSmCommContext130 *auth_info); | |||
</source> | </source> | ||
=== | === sceSblAuthMgrSetupAuthSegmentForKernel === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.931.010-3.740.011 || 0x89CCDA2C | |||
|- | |||
|} | |} | ||
Issues | Temp name was sceSblAuthMgrLoadSelfSegmentForKernel, sceSblAuthMgrLoadSegmentForKernel. | ||
Issues [[Secure_Modules_Functions#0x20001_-_sceSblAuthMgrSetupAuthSegment|kprx_auth_sm command 0x20001]]. | |||
<source lang="C"> | <source lang="C"> | ||
// | // handle - obtained with sceSblAuthMgrOpenForKernel | ||
int | |||
0.931.010-1.500 | |||
int sceSblAuthMgrSetupAuthSegmentForKernel(int handle, int segment_number, SceSize segment_size, void *output_buffer, SceSize program_size); | |||
3.600.011-3.740.011 | |||
int sceSblAuthMgrSetupAuthSegmentForKernel(int handle, int segment_number); | |||
</source> | </source> | ||
=== | === sceSblAuthMgrAuthSegmentForKernel === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.990.000-3.740.011 || 0xBC422443 | |||
|- | |||
|} | |} | ||
Issues | Temp name was sceSblAuthMgrLoadSelfBlockForKernel, sceSblAuthMgrLoadBlockForKernel. | ||
Issues [[Secure_Modules_Functions#0x30001_-_sceSblAuthMgrLoadBlock|kprx_auth_sm command 0x30001]] | |||
<source lang="C"> | <source lang="C"> | ||
int | // handle - obtained with sceSblAuthMgrOpenForKernel | ||
int sceSblAuthMgrAuthSegmentForKernel(int handle, void *buffer, SceSize len); | |||
</source> | </source> | ||
=== | === sceSblAuthMgrLoadSegmentInternalForKernel === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.990.000-1.692.000 || 0x15248FB4 | |||
|- | |- | ||
| 1. | | 1.800.071-3.740.011 || not present | ||
|- | |} | ||
| | |||
<source lang="C"> | |||
// handle - obtained with sceSblAuthMgrOpenForKernel | |||
int sceSblAuthMgrLoadSegmentInternalForKernel(int handle, int a2, unsigned int a3); | |||
</source> | |||
=== sceSblAuthMgrSetDmac5KeyForKernel === | |||
{| class="wikitable" | |||
! Version !! NID | |||
|- | |- | ||
| 0.990.000-3.740.011 || 0x122ACDEA | |||
|} | |} | ||
Issues | Issues [[Secure_Modules_Functions#0x50001_-_sceSblAuthMgrSetDmac5KeyForKernel|kprx_auth_sm command 0x50001]]. | ||
<source lang="C"> | <source lang="C"> | ||
//key_size - in bytes | // key_size - in bytes | ||
int | int sceSblAuthMgrSetDmac5KeyForKernel(const void *key, SceSize key_size, int slot_id, int key_id); | ||
</source> | </source> | ||
=== | === sceSblAuthMgrClearDmac5KeyForKernel === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.990.000-3.740.011 || 0xF2BB723E | |||
| | |||
|} | |} | ||
Issues | Issues [[Secure_Modules_Functions#0x60001_-_sceSblAuthMgrClearDmac5KeyForKernel|kprx_auth_sm command 0x60001]]. | ||
<source lang="C">int | <source lang="C">int sceSblAuthMgrClearDmac5KeyForKernel(int unk0, int unk1);</source> | ||
=== | === SceSblAuthMgrForKernel_2A83A012 === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 1.800.071-3.740.011 || 0x2A83A012 | |||
|- | |||
|} | |} | ||
returns 0 | Not implemented and returns 0. Maybe implemented in some internal System Software versions. | ||
=== | <source lang="C">int SceSblAuthMgrForKernel_2A83A012(void);</source> | ||
=== sceSblAuthMgrCompareSwVersionForKernel === | |||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.931.010-0.996.090 || not present | |||
|- | |||
|- | |- | ||
| 1.000.071-3.740.011 || 0xABAB8466 | |||
|} | |} | ||
Aligns version on 12 bits then compares to the hardcoded current firmware version (example: 0x03600000 on FW 3.60). | |||
<source lang="C">int | <source lang="C">int sceSblAuthMgrCompareSwVersionForKernel(int version);</source> | ||
== SceSblAuthMgrForDriver == | == SceSblAuthMgrForDriver == | ||
=== | === sceSblAuthMgrGetEKcForDriver === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.990.000-3.740.011 || 0x868B9E9A | |||
| | |||
|} | |} | ||
Issues | EKc might mean Encrypted Klicensee. | ||
Issues [[Secure_Modules_Functions#0x40001_-_sceSblAuthMgrGetEKcForDriver|kprx_auth_sm command 0x40001]]. | |||
<source lang="C">int | <source lang="C">int sceSblAuthMgrGetEKcForDriver(void *data, SceSize size, int key_id);</source> | ||
=== | === sceSblAuthMgrDecBindDataForDriver === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.990.000-3.740.011 || 0x41DAEA12 | |||
| | |||
|} | |} | ||
Issues | Issues [[Secure_Modules_Functions#0x70001_-_sceSblAuthMgrDecBindDataForDriver|kprx_auth_sm command 0x70001]]. | ||
<source lang="C"> | <source lang="C"> | ||
//request should contain pair of keys and rif data | // request should contain pair of keys and rif data | ||
int | int sceSblAuthMgrDecBindDataForDriver(char* klicensee, int klicensee_len, char* request, int request_len, int zero); | ||
</source> | </source> | ||
=== | === sceSblAuthMgrVerifySpsfoForDriver === | ||
{| class="wikitable" | {| class="wikitable" | ||
! Version !! NID | |||
|- | |- | ||
| 0.931.010-0.990.000 || not present | |||
|- | |- | ||
| 3. | | 0.996.090-3.740.011 || 0x24C4CE64 | ||
|} | |} | ||
Used by [[SceSblPostSsMgr# | Used by [[SceSblPostSsMgr#sceSblSpsfoMgrVerifyForDriver|sceSblSpsfoMgrVerifyForDriver]]. | ||
Issues [[Secure_Modules_Functions#0x80001_-_sceSblAuthMgrVerifySpsfo|kprx_auth_sm command 0x80001]]. | |||
Spsfo (signed param.sfo) file is located in game cartridge at path gro0:gc/param.sfo. It can also be loaded from host0: on DevKit. It has 3 parts: CF header and certification, plain SceSpsfoHeader and plain SFO (maybe reduced). | |||
<source lang="C"> | |||
typedef struct SceSpsfoHeader { // size is 0x200 usually | |||
int version; // ex: 1 | |||
SceSize size; // header size | |||
uint64_t system_version; // ex: 0x0330000000000110 | |||
char titleid[0x20]; | |||
uint64_t parent_authority_id; // ex: 0x2800000000000030 | |||
uint64_t process_authority_id; | |||
char reserved[0x1C0]; | |||
} SceSpsfoHeader; | |||
Note : SceSpsfoHeader and spsfo_ctx may be different | |||
</source> | |||
<source lang="C">int | <source lang="C">int sceSblAuthMgrVerifySpsfoForDriver(spsfo_ctx *ctx);</source> | ||
[[Category:ARM]] | |||
[[Category:Kernel]] | |||
[[Category:Modules]] | [[Category:Modules]] | ||
[[Category: | [[Category:Library]] |
Latest revision as of 22:25, 16 July 2023
Secure Block Authentication Manager
Module
Version | World | Privilege |
---|---|---|
0.931.010-3.740.011 | Non-secure | Kernel |
Libraries
Known NIDs
Version | Name | World | Visibility | NID |
---|---|---|---|---|
0.931.010-3.740.011 | SceSblAuthMgrForKernel | Non-secure | Kernel | 0x7ABF5135 |
0.931.010-3.740.011 | SceSblAuthMgrForDriver | Non-secure | Kernel | 0x4EB2B1BB |
SceSblAuthMgrForKernel
These functions are used for SELF decryption.
sceSblAuthMgrOpenForKernel
Version | NID |
---|---|
0.931.010-3.740.011 | 0xA9CD2A09 |
Temp name was sceSblAuthMgrInvokeSMForKernel, sceSblAuthMgrSmStartForKernel.
// If initialization is successful - pHandle will be initialized to 1 int sceSblAuthMgrOpenForKernel(int *pHandle);
sceSblAuthMgrCloseForKernel
Version | NID |
---|---|
0.931.010-3.740.011 | 0x026ACBAD |
Temp name was sceSblAuthMgrStopSMForKernel, sceSblAuthMgrSmStopForKernel.
Issues kprx_auth_sm command -1.
// handle - obtained with sceSblAuthMgrOpenForKernel. Handle must equal 1 for successful close. int sceSblAuthMgrCloseForKernel(int handle);
sceSblAuthMgrStartForKernel
Version | NID |
---|---|
0.931.010-0.996.090 | 0xCAA38DF7 |
1.000.071-3.740.011 | not present |
Creates SceSblAuthMgrZlibHeap.
int sceSblAuthMgrStartForKernel(void);
sceSblAuthMgrStopForKernel
Version | NID |
---|---|
0.931.010-0.996.090 | 0x6C1F5048 |
1.000.071-3.740.011 | not present |
Deletes SceSblAuthMgrZlibHeap.
int sceSblAuthMgrStopForKernel(void);
sceSblAuthMgrAuthHeaderForKernel
Version | NID |
---|---|
0.931.010-3.740.011 | 0xF3411881 |
Issues kprx_auth_sm command 0x10001
SceSblSmCommContext130
type is defined in SceSblSsSmComm.
?Read caller SELF Info using sceKernelGetSelfAuthInfoForKernel? then writes it to context_130->caller_self_auth_info.
Calls smc_137 and smc_134 that interact with Cmep. Cmep sets context_130->called_self_auth_info.
// handle - obtained with sceSblAuthMgrOpenForKernel int sceSblAuthMgrAuthHeaderForKernel(int handle, const void *self_header_addr, SceSize SelfHeaderSize, SceSblSmCommContext130 *auth_info);
sceSblAuthMgrSetupAuthSegmentForKernel
Version | NID |
---|---|
0.931.010-3.740.011 | 0x89CCDA2C |
Temp name was sceSblAuthMgrLoadSelfSegmentForKernel, sceSblAuthMgrLoadSegmentForKernel.
Issues kprx_auth_sm command 0x20001.
// handle - obtained with sceSblAuthMgrOpenForKernel 0.931.010-1.500 int sceSblAuthMgrSetupAuthSegmentForKernel(int handle, int segment_number, SceSize segment_size, void *output_buffer, SceSize program_size); 3.600.011-3.740.011 int sceSblAuthMgrSetupAuthSegmentForKernel(int handle, int segment_number);
sceSblAuthMgrAuthSegmentForKernel
Version | NID |
---|---|
0.990.000-3.740.011 | 0xBC422443 |
Temp name was sceSblAuthMgrLoadSelfBlockForKernel, sceSblAuthMgrLoadBlockForKernel.
Issues kprx_auth_sm command 0x30001
// handle - obtained with sceSblAuthMgrOpenForKernel int sceSblAuthMgrAuthSegmentForKernel(int handle, void *buffer, SceSize len);
sceSblAuthMgrLoadSegmentInternalForKernel
Version | NID |
---|---|
0.990.000-1.692.000 | 0x15248FB4 |
1.800.071-3.740.011 | not present |
// handle - obtained with sceSblAuthMgrOpenForKernel int sceSblAuthMgrLoadSegmentInternalForKernel(int handle, int a2, unsigned int a3);
sceSblAuthMgrSetDmac5KeyForKernel
Version | NID |
---|---|
0.990.000-3.740.011 | 0x122ACDEA |
Issues kprx_auth_sm command 0x50001.
// key_size - in bytes int sceSblAuthMgrSetDmac5KeyForKernel(const void *key, SceSize key_size, int slot_id, int key_id);
sceSblAuthMgrClearDmac5KeyForKernel
Version | NID |
---|---|
0.990.000-3.740.011 | 0xF2BB723E |
Issues kprx_auth_sm command 0x60001.
int sceSblAuthMgrClearDmac5KeyForKernel(int unk0, int unk1);
SceSblAuthMgrForKernel_2A83A012
Version | NID |
---|---|
1.800.071-3.740.011 | 0x2A83A012 |
Not implemented and returns 0. Maybe implemented in some internal System Software versions.
int SceSblAuthMgrForKernel_2A83A012(void);
sceSblAuthMgrCompareSwVersionForKernel
Version | NID |
---|---|
0.931.010-0.996.090 | not present |
1.000.071-3.740.011 | 0xABAB8466 |
Aligns version on 12 bits then compares to the hardcoded current firmware version (example: 0x03600000 on FW 3.60).
int sceSblAuthMgrCompareSwVersionForKernel(int version);
SceSblAuthMgrForDriver
sceSblAuthMgrGetEKcForDriver
Version | NID |
---|---|
0.990.000-3.740.011 | 0x868B9E9A |
EKc might mean Encrypted Klicensee.
Issues kprx_auth_sm command 0x40001.
int sceSblAuthMgrGetEKcForDriver(void *data, SceSize size, int key_id);
sceSblAuthMgrDecBindDataForDriver
Version | NID |
---|---|
0.990.000-3.740.011 | 0x41DAEA12 |
Issues kprx_auth_sm command 0x70001.
// request should contain pair of keys and rif data int sceSblAuthMgrDecBindDataForDriver(char* klicensee, int klicensee_len, char* request, int request_len, int zero);
sceSblAuthMgrVerifySpsfoForDriver
Version | NID |
---|---|
0.931.010-0.990.000 | not present |
0.996.090-3.740.011 | 0x24C4CE64 |
Used by sceSblSpsfoMgrVerifyForDriver.
Issues kprx_auth_sm command 0x80001.
Spsfo (signed param.sfo) file is located in game cartridge at path gro0:gc/param.sfo. It can also be loaded from host0: on DevKit. It has 3 parts: CF header and certification, plain SceSpsfoHeader and plain SFO (maybe reduced).
typedef struct SceSpsfoHeader { // size is 0x200 usually int version; // ex: 1 SceSize size; // header size uint64_t system_version; // ex: 0x0330000000000110 char titleid[0x20]; uint64_t parent_authority_id; // ex: 0x2800000000000030 uint64_t process_authority_id; char reserved[0x1C0]; } SceSpsfoHeader; Note : SceSpsfoHeader and spsfo_ctx may be different
int sceSblAuthMgrVerifySpsfoForDriver(spsfo_ctx *ctx);